[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
BCP38 and Red Hat
- Subject: BCP38 and Red Hat
- From: list at satchell.net (Stephen Satchell)
- Date: Thu, 15 Dec 2016 06:48:13 -0800
Just a reminder that I have a feature request outstanding with Red Hat
to add support for BCP38, as well as measures for certain protocol-based
amplification reflection attacks. My intent for making the suggestion
is to stiffen firewalld(8) in Red Hat Enterprise and clones,
particularly when an RHEL-based box is used as an edge router or
I've looked at firewalld, and it would be easy to add *some* of BCP38
into it rather quickly...assuming that the developers step up to the
plate. There are parts of BCP38 that won't be so easy to do, given the
architecture of the package.
In my spare time, by the way, I'm working on a BCP-compilant firewall
generator for IPTABLES. Spare time? Well, that *is* a bit of a laugh...